SB2022022301 - Compromised gateway (backdoor) in October CMS

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2022022301

SB2022022301 - Compromised gateway (backdoor) in October CMS

Published: February 23, 2022

Security Bulletin ID SB2022022301
Severity
High
Patch available
YES
Number of vulnerabilities 1
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

High 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 1 security vulnerability.


1) Embedded malicious code (backdoor) (CVE-ID: CVE-2022-23655)

The vulnerability allows a remote attacker to gain unauthorized access to the application.

The vulnerability exists due to a project fork of October CMS v1.0 is using a compromised gateway to access the October CMS marketplace service. The compromised gateway captures the personal/business information of users and authors, including private source code files. It was also disclosed that captured plugin files are freely redistributed to other users without authorization.

The issue affects authors of plugins and themes listed on the October CMS marketplace where an end-user will inadvertently expose authors to potential financial loss by entering their private license key into a compromised server.

Note, the vulnerability is being exploited in the wild.


Remediation

Install update from vendor's website.

References